Federal Reserve Confirms Data Breach, Anonymous Claims Responsibility

The U.S. Federal Reserve confirmed on Wednesday that one of its internal computer systems had been breached on Sunday, and that hackers had obtained some confidential data “by exploiting a temporary vulnerability in a website vendor product.”

“Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system,” a Fed spokeswoman told Reuters, adding that all the affected individuals had been contacted.

The Internet activist group Anonymous claimed responsibility for the attack on Sunday night, and published personal information such as names, log-in data, IP addresses and contact information of more than 4,000 U.S. bank executives, including vice presidents and branch managers of banks and credit unions in 17 states.

The hacktivist group claimed responsibility through a Twitter account registered to OpLastResort, which is the name of an Anonymous campaign aimed at protesting the government prosecution of 26-year-old online activist Aaron Swartz, who committed suicide on January 11.

Swartz, a former Reddit executive, had been accused of illegally downloading academic documents from the Massachusetts Institute of Technology (MIT)’s network, for which prosecutors had charged him with computer intrusion, fraud and data theft. If convicted, Swartz was facing up to 35 years in prison.

Last month, hackers identifying themselves as Anonymous infiltrated the U.S. Sentencing Commission website in protest of the government’s treatment of the Swartz case.

The Federal Reserve did not disclose which of its websites had been hacked on Sunday, but internal documents obtained by Reuters revealed the breach involved a database belonging to the St. Louis Fed Emergency Communications System (ECS), a website used by bank executives to update the Fed if operations became damaged during a natural disaster.

In its message to banks, the Fed said the data compromised in Sunday´s breach included “optional information consisting of home phone and personal email.”

However, “despite claims to the contrary, passwords were not compromised.”

Hackers identifying themselves under the Anonymous banner have conducted a number of attacks on U.S. government systems, as well as those belonging to corporations and other private entities.

In 2011, Anonymous threatened to take action against the Fed over its economic policies, although the current incident is the first time the group has claimed success in breaching the U.S. central bank.